Web browser security warnings after installing SSL certificate

Some of the most popular web browsers have begun to show an "insecure" warning when visiting pages that are not accessed via HTTPS. The "insecure" warning may also be triggered during an HTTPS connection if any page elements are not accessed via HTTPS, such as images or external scripts.

After you have installed an SSL certificate for your domain there are still some things you may need to do to prevent any "insecure" warnings in your user's web browser. The most common issue we see is when someone installs an SSL certificate but does not properly direct site traffic to use it.

Installing an SSL certificate makes https available, but it does not force your visitors to use HTTPS. To force all incoming connections to use HTTPS you must add an entry to the system.webServer element of your web.config file (you'll have to create the file if you don't already have one) that uses the IIS URL rewrite module to redirect all non-HTTPS traffic to HTTPS: